MCPcopy
hub / github.com/garrytan/gstack / restrictFilePermissions

Function restrictFilePermissions

browse/src/file-permissions.ts:67–82  ·  view source on GitHub ↗
(filePath: string)

Source from the content-addressed store, hash-verified

65 * current user full control.
66 */
67export function restrictFilePermissions(filePath: string): void {
68 if (process.platform === 'win32') {
69 try {
70 const user = os.userInfo().username;
71 execFileSync(
72 'icacls',
73 [filePath, '/inheritance:r', '/grant:r', `${user}:(F)`],
74 { stdio: 'ignore' },
75 );
76 } catch (err) {
77 warnIcaclsFailure(filePath, err);
78 }
79 return;
80 }
81 try { fs.chmodSync(filePath, 0o600); } catch { /* best-effort */ }
82}
83
84/**
85 * Restrict a directory to owner-only access (POSIX 0o700 equivalent),

Callers 3

writeSecureFileFunction · 0.85
appendSecureFileFunction · 0.85

Calls 1

warnIcaclsFailureFunction · 0.85

Tested by

no test coverage detected